Re: how to prep $_POST field for MySQL's AES_ENCRYPT() ??

30/08/2007, 22h37

"Jerry Stuckle" <jstucklex@attglobal.net> wrote in message
news:nqKdndvPlILL9k7bnZ2dnUVZ_ojinZ2d@comcast.com. ..
> Paul wrote:
>> I want to add a binary element (AES_ENCRYPT()) to a $_POST array. I need
>> to make it binary because it is going into a BLOB field.
>>
>> $results = $dbr->Execute('select * from table1 where id='.$_GET['id']);
>> ...
>> // validation take place and now is processed
>> $_POST["field1"] = $dbr->GetOne('select
>> AES_ENCRYPT('.trim($_POST['field1']).', \'salt*&)#\')');
>> // there are other $_POST fields that are in cluded in the next line
>> // GetInsertSQL is a function that eventually calls $dbr->Execute()
>> $dbr ->GetInsertSQL($results, $_POST, true);
>> It decrypts most records (field1) but not all. After researching it, I
>> think
>> the problem lies in how I am adding the encrypted field.
>>
>> I think I need to make the $_POST["field1"] binary, somehow.
>>
>> If so, how do I do that?
>>
>> Any other ideas?
>>
>> (the $dbr is an ADODB element.)
>
> First of all, why are you changing the $_POST variable? It really should
> be considered read only, even though it isn't. Otherwise you can get
> other problems when you have code which expects it to be unchanged.
>
> And why do you think you need to make it binary? There is no real
> "binary" type in PHP.

I inherited this code and trying to make it work without rewriting it.

It needs to be binary because, as you see, it uses MySQL's AES_ENCRYPT()
which returned binary and goes to a BLOB field.

Thanks.

31/08/2007, 01h00

Paul wrote:
> "Jerry Stuckle" <jstucklex@attglobal.net> wrote in message
> news:nqKdndvPlILL9k7bnZ2dnUVZ_ojinZ2d@comcast.com. ..
>> Paul wrote:
>>> I want to add a binary element (AES_ENCRYPT()) to a $_POST array. I need
>>> to make it binary because it is going into a BLOB field.
>>>
>>> $results = $dbr->Execute('select * from table1 where id='.$_GET['id']);
>>> ...
>>> // validation take place and now is processed
>>> $_POST["field1"] = $dbr->GetOne('select
>>> AES_ENCRYPT('.trim($_POST['field1']).', \'salt*&)#\')');
>>> // there are other $_POST fields that are in cluded in the next line
>>> // GetInsertSQL is a function that eventually calls $dbr->Execute()
>>> $dbr ->GetInsertSQL($results, $_POST, true);
>>> It decrypts most records (field1) but not all. After researching it, I
>>> think
>>> the problem lies in how I am adding the encrypted field.
>>>
>>> I think I need to make the $_POST["field1"] binary, somehow.
>>>
>>> If so, how do I do that?
>>>
>>> Any other ideas?
>>>
>>> (the $dbr is an ADODB element.)
>> First of all, why are you changing the $_POST variable? It really should
>> be considered read only, even though it isn't. Otherwise you can get
>> other problems when you have code which expects it to be unchanged.
>>
>> And why do you think you need to make it binary? There is no real
>> "binary" type in PHP.
>
> I inherited this code and trying to make it work without rewriting it.
>
> It needs to be binary because, as you see, it uses MySQL's AES_ENCRYPT()
> which returned binary and goes to a BLOB field.
>
> Thanks.
>
>

That doesn't mean you have to live with shitty code. But as I said -
there's no "binary" type in PHP.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

30/08/2007, 22h37	#1
Paul Messages: n/a Hébergeur:	Re: how to prep $_POST field for MySQL's AES_ENCRYPT() ?? "Jerry Stuckle" <jstucklex@attglobal.net> wrote in message news:nqKdndvPlILL9k7bnZ2dnUVZ_ojinZ2d@comcast.com. .. > Paul wrote: >> I want to add a binary element (AES_ENCRYPT()) to a $_POST array. I need >> to make it binary because it is going into a BLOB field. >> >> $results = $dbr->Execute('select * from table1 where id='.$_GET['id']); >> ... >> // validation take place and now is processed >> $_POST["field1"] = $dbr->GetOne('select >> AES_ENCRYPT('.trim($_POST['field1']).', \'salt*&)#\')'); >> // there are other $_POST fields that are in cluded in the next line >> // GetInsertSQL is a function that eventually calls $dbr->Execute() >> $dbr ->GetInsertSQL($results, $_POST, true); >> It decrypts most records (field1) but not all. After researching it, I >> think >> the problem lies in how I am adding the encrypted field. >> >> I think I need to make the $_POST["field1"] binary, somehow. >> >> If so, how do I do that? >> >> Any other ideas? >> >> (the $dbr is an ADODB element.) > > First of all, why are you changing the $_POST variable? It really should > be considered read only, even though it isn't. Otherwise you can get > other problems when you have code which expects it to be unchanged. > > And why do you think you need to make it binary? There is no real > "binary" type in PHP. I inherited this code and trying to make it work without rewriting it. It needs to be binary because, as you see, it uses MySQL's AES_ENCRYPT() which returned binary and goes to a BLOB field. Thanks.

31/08/2007, 01h00	#2
Jerry Stuckle Messages: n/a Hébergeur:	Re: how to prep $_POST field for MySQL's AES_ENCRYPT() ?? Paul wrote: > "Jerry Stuckle" <jstucklex@attglobal.net> wrote in message > news:nqKdndvPlILL9k7bnZ2dnUVZ_ojinZ2d@comcast.com. .. >> Paul wrote: >>> I want to add a binary element (AES_ENCRYPT()) to a $_POST array. I need >>> to make it binary because it is going into a BLOB field. >>> >>> $results = $dbr->Execute('select * from table1 where id='.$_GET['id']); >>> ... >>> // validation take place and now is processed >>> $_POST["field1"] = $dbr->GetOne('select >>> AES_ENCRYPT('.trim($_POST['field1']).', \'salt*&)#\')'); >>> // there are other $_POST fields that are in cluded in the next line >>> // GetInsertSQL is a function that eventually calls $dbr->Execute() >>> $dbr ->GetInsertSQL($results, $_POST, true); >>> It decrypts most records (field1) but not all. After researching it, I >>> think >>> the problem lies in how I am adding the encrypted field. >>> >>> I think I need to make the $_POST["field1"] binary, somehow. >>> >>> If so, how do I do that? >>> >>> Any other ideas? >>> >>> (the $dbr is an ADODB element.) >> First of all, why are you changing the $_POST variable? It really should >> be considered read only, even though it isn't. Otherwise you can get >> other problems when you have code which expects it to be unchanged. >> >> And why do you think you need to make it binary? There is no real >> "binary" type in PHP. > > I inherited this code and trying to make it work without rewriting it. > > It needs to be binary because, as you see, it uses MySQL's AES_ENCRYPT() > which returned binary and goes to a BLOB field. > > Thanks. > > That doesn't mean you have to live with shitty code. But as I said - there's no "binary" type in PHP. -- ================== Remove the "x" from my email address Jerry Stuckle JDS Computer Training Corp. jstucklex@attglobal.net ==================

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email